Date: Tue, 2 Oct 2001 20:58:00 -0400 From: Zvezdan Petkovic <zvezdan@CS.WM.EDU> To: stable@FreeBSD.ORG Subject: Re: SSH Problem Message-ID: <20011002205800.A24931@dali.cs.wm.edu> In-Reply-To: <7140000.1002030825@rushlight.kf8nh.apk.net>; from allbery@ece.cmu.edu on Tue, Oct 02, 2001 at 09:53:46AM -0400 References: <OF40891511.811B6EE4-ON88256AD9.0038BC32@wr.usgs.gov> <7140000.1002030825@rushlight.kf8nh.apk.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 02, 2001 at 09:53:46AM -0400, Brandon S. Allbery KF8NH wrote: > On Tuesday, October 02, 2001 03:22:57 -0700, rsowders@usgs.gov wrote: > +---- > | While that may be the problem, it is supposed to try one and then the > | other. All my machines use either key with no problems. Cvsuped 8 days > +--->8 > > It's supposed to, but my experience is that this doesn't always do what you > expect. I think if it can make an ssh2 connection but you have no > authorized_keys2 (only authorized_keys) then it will prompt for a password. > Be careful about this though. The latest security advisory from OpenBSD advertises the new OpenSSH 2.9.9 with some fixes and states clearly that authorized_keys2 and known_hosts2 (/etc/ssh/ssh_known_hosts2) are considered _deprecated_. OpenSSH will still use them as read only files for compatibility, but the advisory tells that nobody guarantees that future versions will use these files at all. I do not understand why FreeBSD still distributes OpenSSH 2.3.x as default and OpenSSH 2.9 as a port. As you can see it is already at 2.9.9 version. If you still use Protocol 1 you should be aware that your system is _very_ vulnerable since there is a software that can sniff on that version of SSH protocol. _RUN_ and update to Protocol 2 and preferably the latest OpenSSH version. :-) Best regards, -- Zvezdan Petkovic <zvezdan@cs.wm.edu> http://www.cs.wm.edu/~zvezdan/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011002205800.A24931>